Pace Of Cyberattacks Have Consequences for Military, US

The intensifying pace of international conflict and cyber events has consequences for the U.S. military and for the nation at large, Navy Adm. Michael S. Rogers, commander of U.S. Cyber Command, told a House panel Tuesday.

Rogers, also director of the National Security Agency, testified before the House Armed Services Emerging Threats and Capabilities Subcommittee on the fiscal year 2018 Defense Department budget request for Cybercom and its Cyber Mission Force support for defense operations.

Facing Advanced Cyber Threats

“Hardly a day has gone by during my tenure at Cyber Command that we have not seen at least one significant cybersecurity event occurring somewhere in the world,” said Rogers, adding, “We face a growing variety of advanced threats from actors who operate with ever-more sophistication and precision.”

In his written testimony, the admiral said that cyber-enabled destructive and disruptive attacks now have the potential to affect the property, rights and daily lives of Americans.

“We are particularly concerned as adversaries probe and even exploit systems used by government, law enforcement, military, intelligence and critical infrastructure in the United States and abroad,” Rogers said.

“We have seen states seeking to shape the policies and attitudes of democratic peoples,” he added, “and we are convinced such behavior will continue for as long as autocratic regimes believe they have more to gain than to lose by challenging their opponents in cyberspace.”

Lines of Operation

Cybercom tracks state and nonstate adversaries as they expand their capabilities to advance their interests in cyberspace and try to undermine U.S. national interests and those of the nation’s allies, the admiral said.

Conflict in the cyber domain is unfolding according to its own logic, he added, “which we continue to better understand. And we’re using this understanding to enhance the department’s and the nation’s situational awareness and to manage risk in the cyber arena.”

Cybercom forces conduct full-spectrum military cyberspace operations to enable actions in all domains, he told the panel.

The command’s three lines of operation are to provide mission assurance for DoD operations and defend the DoD information environment, called the DoDIN, to support joint force commander objectives globally and deter or defeat strategic threats to U.S. interests and critical infrastructure, Rogers said.

Enhanced Authorities

Rogers requested a budget of about $647 million for Cybercom for fiscal 2018, a nearly 16 percent increase from fiscal 2017 to fund Cybercom’s elevation from a subcommand of U.S. Strategic Command to a full unified combatant command, as directed by the 2017 NDAA.

The enhanced budget will be used, in part, to continue building out the cyber mission force and adding cyber-specific capabilities and tools, and funding Joint Task Force Ares and the Cyber Combat Mission Force to support the fight against the Islamic State of Iraq and Syria.

Rogers created JTF-Ares after receiving an execute order in 2016 from then-Defense Secretary Ash Carter authorizing Cybercom to “task organize” for specific missions that could last to last weeks, months or longer, the admiral said in written testimony.

He established the new organization to coordinate cyberspace operations against ISIS, providing unity of command and effort for Cybercom and coalition forces working to counter ISIS in cyberspace.

Rogers said the JTF-model has helped Cybercom direct operations in support of Centcom operations, and “marks an evolution in the command-and-control structure in response to urgent operational needs.”

He told the panel that all cyber mission force teams are scheduled to be fully operational by the end of fiscal 2018, and named some of the enhancement of command responsibilities and authorities Cybercom expects in 2018.

These include increasing cyber manpower, enhancing professionalization of the cyber workforce, building defensive and offensive capability and capacity, and streamlining what Rogers called “cyber-operations-peculiar” acquisition capabilities.

“These are critical enablers for cyber space operations in a dynamically changing global environment,” the admiral said, “and most or all of these particulars have been directed in recent National Defense Authorization Acts.”

Operational Successes

Rogers told the panel that Cybercom’s operational successes have validated concepts for creating cyber effects on the battlefield and beyond.

“Innovations are constantly emerging out of operational necessity and real-world experiences,” he said, “and meeting the requirements of national decision makers and joint force commanders continues to mature our operational approaches and effectiveness over time.”

Cybersecurity is a national security issue requiring a whole-of-nation approach that brings together public and private sectors of U.S. society, Rogers said, noting that the Cybercom Point of Partnership program in Silicon Valley, California, and Boston has proven successful.

The initiative, he told the panel, “link[s] our command to some of the most innovative minds from industry, working together on cybersecurity as we face 21st Century threats together in the private and public sectors.”